Question in login script
Hi, I am currently working on a project on asp login. Login.asp seems okie since i am able to login the. After i login, it should link to default.asp, which is supposed to display the profile of the user from a database. However, default.asp did load but nothing appear on the webpage. There is also no error msg at all. I will include the script for login.asp and default.asp below. Please feel free to comment. Thanks a lot!
---------------------------------------------------------------- login.asp --------------------------------------------------------------------------
<HTML>
<style type="text/css">
<!--
.style1 {
font-size: 36px;
font-weight: bold;
}
-->
</style>
<BODY>
<div align="center">
<p> </p>
<p>
<%
Response.Expires = 0
If Request.Form("cmdLogin") <> "" Then
Dim strUsername
Dim strPassword
Dim Con
Dim rsQuery
strUsername = Replace(Request.Form("txtUsername"),"'","''")
strPassword = Request.Form("txtPassword")
Set Con = Server.CreateObject("ADODB.Connection")
Set rsQuery = Server.CreateObject("ADODB.Recordset")
dbname="www.mdb"
cnpath="DBQ=" & server.mappath(dbname)
Con.Open "DRIVER={Microsoft Access Driver (*.mdb)}; " & cnpath
Set rsQuery = Con.Execute("SELECT Password,Username FROM UserDB WHERE Username='" & strUsername & "'")
If rsQuery.EOF Then
Response.Write "Username not found."
%>
<br>
<br>
<%
Response.Write("<a href=Login.asp>Login again</a>")
Else
If strPassword = rsQuery("Password").Value Then
'set sessions
Session("Username") = "[" & rsQuery("Username").Value & "]"
'Cookie code
Response.Cookies("NEVERGUESSUsername")=rsQuery("Us ername").Value
Response.Cookies("NEVERGUESSUsername").Expires=Now () + 10
Response.Cookies("NEVERGUESSPassword")=rsQuery("Pa ssword").Value
Response.Cookies("NEVERGUESSPassword").Expires=Now () + 10
Response.Redirect "Default.asp"
Else
Response.Write "Invalid Password."
%>
<br>
<br>
<%
Response.Write("<a href=Login.asp>Login again</a>")
End If
End If
Else
%>
<span class="style1">Welcome to RFIC Profile Database</span></p>
<p> </p>
</div>
<form name="form1" method="post" action="Login.asp">
<TABLE BORDER=0 align="center">
<TR>
<TD>Username</TD>
<TD><INPUT TYPE="TEXT" NAME="txtUsername"> </TD>
</TR>
<TR>
<TD bgcolor="#FFFFFF">Password</TD>
<TD><INPUT TYPE="PASSWORD" NAME="txtPassword" > </TD>
</TR>
</TABLE>
<br>
<CENTER>
<input name="cmdlogin" type="submit" id="submit" value="Login" >
<input type="reset" name="cmdReset" value="Reset" >
</CENTER>
</form>
<%
End If
%>
</BODY>
</HTML>
---------------------------------------------------------------- default.asp --------------------------------------------------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HEAD>
<TITLE>login.1.asp</TITLE>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</HEAD>
<html>
<body>
<%
Response.Expires=0
Dim Con
Dim rsQuery
Dim strAction
DIm strSubmit
Dim intID
DIm strName
Dim strMessage
Set Con = Server.CreateObject("ADODB.Connection")
Set rsQuery = Server.CreateObject("ADODB.Recordset")
strAction = Request.QueryString("Action")
strSubmit = Request.Form("Submit")
dbname="www.mdb"
cnpath="DBQ=" & server.mappath(dbname)
Con.Open "DRIVER={Microsoft Access Driver (*.mdb)}; " & cnpath
If Session("Username") = "" Then
If Request.Cookies("NEVERGUESSUsername") <> "" Then
Set rsQuery = Con.Execute("SELECT Password,Username FROM UserDB WHERE Username='" & Request.Cookies("NEVERGUESSUsername") & "'")
If NOT rsQuery.EOF Then
If Request.Cookies("NEVERGUESSPassword") = rsQuery("Password").Value Then
Session("Username") = "[" & rsQuery("Username").Value & "]"
Application("Users" & Session("Start")) = Session("Username")
End If
End If
End If
end if
intID = Request.QueryString("ID")
If intID = "" Then intID = 0
If strSubmit = "" Then strSubmit = " "
If strAction = "" Then strAction = " "
Set rsQuery = Con.Execute ("SELECT * FROM UserDB WHERE ID=" & intID)
If not rsQuery.EOF then
%>
<table width="1224" border="1">
<tr>
<td width="176">Name</td>
<td width="966"><%Response.write rsQuery("Name")%></td>
</tr>
<tr>
<td>Job Title</td>
<td><%Response.write rsQuery("Job")%></td>
</tr>
<tr>
<td>Department</td>
<td><%Response.write rsQuery("Department")%></td>
</tr>
<tr>
<td>Phone Number</td>
<td><%Response.write rsQuery("Phone")%></td>
</tr>
<tr>
<td>Fax Number</td>
<td><%Response.write rsQuery("Fax")%></td>
</tr>
<tr>
<td>Office</td>
<td><%Response.write rsQuery("Office")%></td>
</tr>
<tr>
<td>Email</td>
<td><%Response.write rsQuery("Email")%></td>
</tr>
<tr>
<td>Biography</td>
<td><%Response.write rsQuery("Biography")%></td>
</tr>
<tr>
<td>RF IC Work in NTU</td>
<td><%Response.write rsQuery("RFIC")%></td>
</tr>
<tr>
<td>Research Interest</td>
<td><%Response.write rsQuery("Interest")%></td>
</tr>
<tr>
<td>Selected Projects</td>
<td><%Response.write rsQuery("Project")%></td>
</tr>
<tr>
<td>Major Research Accomplishment</td>
<td><%Response.write rsQuery("Accomplishment")%></td>
</tr>
</table>
<%
End if
%>
</body>
</html>
|